Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2320

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-2320
Last Modified 07 Mar 2011 09:35:57
Published 11 May 2006 08:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-2320

Summary

Multiple SQL injection vulnerabilities in Ideal Science Ideal BB 1.5.4a and earlier allow remote attackers to execute arbitrary SQL commands via multiple unspecified vectors related to stored procedure calls. NOTE: due to lack of details from the researcher, it is not clear whether this overlaps CVE-2004-2209.

Vulnerable Systems

Application

  • Ideal Science Idealbb 1.5.0 Beta1

  • Ideal Science Idealbb 1.5.0 Beta2

  • Ideal Science Idealbb 1.5.0 Beta3

  • Ideal Science Idealbb 1.5.0 Beta4

  • Ideal Science Idealbb 1.5.0 Rc1

  • Ideal Science Idealbb 1.5.1

  • Ideal Science Idealbb 1.5.2

  • Ideal Science Idealbb 1.5.2a

  • Ideal Science Idealbb 1.5.2b

  • Ideal Science Idealbb 1.5.2c

  • Ideal Science Idealbb 1.5.3

  • Ideal Science Idealbb 1.5.3 Beta1

  • Ideal Science Idealbb 1.5.3 Beta2

  • Ideal Science Idealbb 1.5.3a

  • Ideal Science Idealbb 1.5.3b

  • Ideal Science Idealbb 1.5.4a


References

VUPEN - ADV-2006-1729

BID - 17920

BUGTRAQ - 20060508 Multiple Vulnerabilities In IdealBB ASP Bulletin Board

MISC - http://www.idealscience.com/ibb/posts.aspx?postID=24415

XF - idealbb-multiple-sql-injection(26354)

OSVDB - 25457

SREASON - 871

SECUNIA - 20035


Last Updated: 27 May 2016 10:42:25